France’s financial authorities have revealed a major cybersecurity breach affecting approximately 1.2 million bank account records. The incident targeted the country’s centralized bank account registry, raising serious concerns about data protection, identity theft, and financial fraud. Officials have launched a full investigation while strengthening national cybersecurity defenses.
Unauthorized Access to National Bank Registry
The French Ministry of Finance confirmed that attackers infiltrated the national bank account registry, known as FICOBA. The breach reportedly occurred after a threat actor used login credentials stolen from a civil servant who had authorized access to an interministerial information sharing platform.
Using these compromised credentials, the attacker gained entry to a portion of the registry’s database. The accessed records reportedly included highly sensitive financial and personal information such as:
- Bank account identifiers, including RIB and IBAN details
- Account holder identity information
- Residential addresses
- Taxpayer identification numbers, in some instances
Although authorities acted swiftly to block further unauthorized access once the breach was detected, investigators believe that data linked to around 1.2 million accounts may already have been exposed or exfiltrated.
What Is FICOBA
FICOBA functions as France’s centralized registry of bank accounts. It is administered by the French tax authority, the Direction générale des Finances publiques.
The system records the existence and identifying details of accounts opened within French banking institutions. Banks are legally required to submit this information under national tax enforcement regulations. While FICOBA does not typically store account balances or transaction histories, it maintains critical identification data that can be misused if compromised.
Operational Disruption and Response Measures
The cyberattack has temporarily disrupted FICOBA’s operations. Authorities are currently working to restore the system with improved security safeguards. However, no official timeline has been provided for full operational recovery.
The Ministry has stated that affected individuals will receive direct notifications in the coming days. Financial institutions across France have also been informed and are expected to advise customers to remain vigilant against fraud attempts.
France’s data protection authority, the Commission nationale de l’informatique et des libertés, has been formally notified of the incident.
Meanwhile, technical teams from the Direction générale des Finances publiques are collaborating with the Ministry of Finance and the Agence nationale de la sécurité des systèmes d’information to reinforce system defenses and prevent further compromise.
Surge in Scam Attempts
Officials have warned that cybercriminals are already exploiting the situation. Reports indicate a wave of phishing campaigns via email and SMS messages designed to trick citizens into revealing banking details or transferring funds.
The Ministry emphasized that tax authorities never request login credentials or bank card information through unsolicited messages. Citizens are urged to ignore suspicious communications and verify any requests through official government channels.
Broader Cybersecurity Implications
This incident highlights ongoing risks associated with credential theft and centralized government databases. Even when direct financial balances are not exposed, the combination of personal identity data and banking identifiers creates a high-value target for fraud, identity theft, and social engineering campaigns.
The breach underscores the importance of multi-factor authentication, strict access controls, continuous monitoring, and proactive threat intelligence in protecting critical financial infrastructure.
Found this article interesting? Follow us on X (Twitter) , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
